ITKaa.com

We are a software security firm bringing security expertise to SME's and Enterprise customers in a wide range of industry sectors such as financial institutions, on-line publishing, the insurance industry, and telecoms.

Our key focus is on helping companies take phased steps towards the adoption of a Secure Development Life cycle. Our experts carry out and help clients manage the full range of activities such as, conducting software assurance maturity assessment, providing security training, architecture reviews, source code audits, vulnerability assessments and remediation, right down to developing of security related libraries and support tools.

Collectively our team of experts have over 100 years of software engineering experience.

You could not be in better hands.

What we do

What we do

Services

Software Development

We are first and foremost a software house and have a track record of delivering on-time and in-budget solutions to our customers. Our core team have extensive programming experience in C/C++, Java, C# and have taken projects from the requirement phase through to design, implementation, deployment and maintenance phases.

This is one of our core strengths when addressing software security as we practice what we preach.

Software Assurance Maturity Assessment

ITKaa use OpenSAMM to help benchmark the organisation's existing security posture and work in conjunction with management to build a well defined plan for iterative improvements to the security assurance program. This is a recommended first step before concrete improvements can be brought about and measured against derived performance indicator.

Threat Modelling & Architecture Review

We can assist in performing or reviewing application threat models and architecture reviews.

Security Training & Education

We provide a variety of on-premise instructor lead development security training modules focusing on common software exploits and best practices with examples in the more common programming languages.

Source Code Review

We have extensive experience in performing source code reviews and have been providing this service to enterprise customers for nearly a decade. Manual code review is performed in conjunction with HP Fortify Static Source Code analyzer to help with the application risk assessment.

Remediation

When needed we can assist with remediation of issues identified in the source code review steps with in code fixes or when appropriate providing guidance on selecting and deploying mitigating controls to address security flaws.

Regulatory Compliance

Contact us for assistance with regulatory requirements such as PCI DSS or MAS TRM Guidelines.